[WBEL-users] check permissions of all my files!
Kirby C. Bohling
kbohling at birddog.com
Tue May 17 14:09:21 CDT 2005
[I've removed the CC's for the lists I'm not subscribed to, if you
feel like forwarding it, that's fine with me, but I'd prefer not to
SPAM lists, I'm not a part of]
On Tue, May 17, 2005 at 02:39:11PM -0500, israel.garcia at cimex.com.cu wrote:
> List, How can I check the permissions of all the files of my CentOS
> I'm looking for some kind of report with this information..
> Is there some command? Some tool?
Define "check". I have no idea what you mean, so I'm going to take
a couple of guesses. Don't take this the wrong way, but you've
asked an unanswerable question. If you ask a more specific
question, you'll get better help.
You can use various tools to do this. If you want to establish a
baseline and then check back to that baseline, I believe Tripwire is
a fairly standard tool (there is another one that I've heard of:
http://sourceforge.net/projects/aide, I believe it is fairly popular
w/ the Bootable CD and Free Software crowd). These tools will do a
lot more then just check permissions. I believe that a number of
rootkit checkers have databases with permissions, MD5SUM's, and
various other information. I know someone on this list has said
they work with the rootkit finding tools to get good baselines.
If you want to check that the permissions match the RPM's, using rpm
-V will let you check the ownership and group amoung other
things(not sure about actual permission bits). This assumes you
trust the RPM database, or you can use the RedHat/Whitebox one that
If you want to just find files with permissions you deem in
appropriate (setuid, or setgid, world writeable), "find" can
probably do the job. Read the man page, the option you are looking
for is probably "-perm".
If you want to check the permissions for hardening, any number of
scripts can do that, I believe Bastille Linux
(http://www.bastille-linux.org/) is the most popular.
More information about the Whitebox-users